2021-03-21 10:24:21 +00:00
|
|
|
from bundlewrap.metadata import atomic
|
|
|
|
|
2020-11-12 18:59:02 +00:00
|
|
|
defaults = {
|
|
|
|
'apt': {
|
|
|
|
'packages': {
|
2022-02-18 21:18:44 +00:00
|
|
|
'nfs-server': {
|
2022-02-18 21:37:07 +00:00
|
|
|
'needed_by': {
|
2022-02-18 21:18:44 +00:00
|
|
|
'svc_systemd:nfs-kernel-server',
|
|
|
|
'action:nfs_reload_shares',
|
2022-02-18 21:37:07 +00:00
|
|
|
},
|
2022-02-18 21:18:44 +00:00
|
|
|
},
|
2020-11-12 18:59:02 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
2021-03-21 10:24:21 +00:00
|
|
|
|
|
|
|
|
|
|
|
@metadata_reactor.provides(
|
2021-06-03 11:59:15 +00:00
|
|
|
'firewall/port_rules',
|
2021-03-21 10:24:21 +00:00
|
|
|
)
|
2021-06-03 11:59:15 +00:00
|
|
|
def firewall(metadata):
|
2021-03-21 10:24:21 +00:00
|
|
|
ips = set()
|
|
|
|
|
|
|
|
for share_items in metadata.get('nfs-server/shares', {}).values():
|
|
|
|
for share_target in share_items:
|
2021-06-03 05:45:56 +00:00
|
|
|
ips.add(share_target)
|
2021-03-21 10:24:21 +00:00
|
|
|
|
|
|
|
return {
|
2021-06-03 11:59:15 +00:00
|
|
|
'firewall': {
|
2021-03-21 10:24:21 +00:00
|
|
|
'port_rules': {
|
|
|
|
'111': atomic(ips),
|
|
|
|
'111/udp': atomic(ips),
|
|
|
|
'2049': atomic(ips),
|
|
|
|
'35295': atomic(ips),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|